AnsibleFest… and was it a Fest

I recently was able to enjoy AnsibleFest. I just happened to be in SF that week on a business trip and decided to drop in… or rather my company decided it would be cool… especially since we’re looking for help.

The big push for this was the release of Ansible 2.0. One thing to note in Ansible 2.0 is that some of the old flags (including inventory flags) have been replaced with other flags, so be prepared to update your playbooks although I would imagine Ansible was nice enough to make it backwards compatible. I do have in the plan to upgrade to 2.0 soon, so I will blog about what heartaches I have/don’t have in the upgrade process with my current plays.

One of the nice things that supposed to occur in 2.0 is an upgrade to Ansible’s debug features in the playbooks. The output in the debug is supposedly now itemized so that you can ask for the specific information that you’re looking for out of the debug messages instead of having to dump everything to get them. That is sweet and will be really nice for things like infrastructure monitoring playbooks if you have them. For A squared, it will be extremely nice for our Ansible customers so that we can definitely know for sure that the expected result happened and not rely on the OK messages that people expect.

I also got a chance to look at the networking modules for Cisco Nexus and Juniper. These modules look very nice and useful. For Cisco lovers, there are no modules for IOS yet although I hear they are coming, but you can also use the shell flag for now and pass your commands that way.

One of the things that bugged me about Ansible before was that there were only 2 ways to do root level things. Login as a root user or sudo. Granted… I think sudo is a better way to do things, but sometimes when working with various cloud providers you are given a username who has “su” access to root, but not sudo and is not a root user. Before 2.0, we had to login and make the user sudo in order to make our playbooks works. Ansible 2.0 now has the notion of “become_user” which is their way of “su”. With that, you can also use “become_password” which will pass the password for the “su” user. Thanks Ansible. :)

So remembering what I mentioned earlier about passing Cisco IOS commands with Shell… the “become_user” feature will now allow you to login to your device in non-privileged so that you can “become_user” enable. Get it?

The vendor area for AnsibleFest was small, but I saw a couple of interesting technologies. One of which was Cumulus. Cumulus seems to be an opensource SDN for WAN capabilities using Quagga to help with things like EIGRP, BGP, RIP, and I think MPLS is coming soon. So Quagga out of the box is a bit of a beast, but Cumulus tries to make it easy to use by taking a lot of the hardwork out of Quagga for you. I remember working with Quagga in my Emulab days and I can definitely say “Thank you Cumulus” if they did a good job with that. This is a technology that I look forward to testing out and playing with in the next few months.

StackIQ was another interesting vendor that I met. StackIQ has the ability to provision to baremetal while hooking into your ansible playbooks so that you can deploy the OS and perform whatever your playbooks are doing all in one shot… as long as your hardware as IPMI, PXE, or similar capabilities. This is hugely cool for A squared since the StackIQ API could give us the ability to deploy everything if we wanted to do that in our roadmap.

The best thing about both Cumulus and StackIQ is that they are open source technologies, so feel free to play and let me know what cool things you come up with.

In short… AnsibleFest was also fun and we learned a good bit. The docker modules for Ansible have been rewritten and they have their own tool for building containers which you might want to play with if you don’t want to learn Docker. It was a fun day though.